CVE-2025-38715
BaseFortify
Publication date: 2025-09-04
Last updated on: 2026-03-17
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | 5.10.244-1 |
| linux | kernel | 6.1.153-1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a slab-out-of-bounds issue in the Linux kernel's HFS filesystem code, specifically in the hfs_bnode_read() function. It occurs when the code accesses memory beyond what is allocated, which can lead to crashes. The fix involves adding methods to validate and correct the requested offset and length to prevent out-of-bounds memory access.
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to crash due to out-of-bounds memory access in the HFS filesystem code. Such crashes can lead to denial of service or system instability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the patch fixing the slab-out-of-bounds issue in hfs_bnode_read(). This patch introduces validation methods to prevent out-of-bounds memory access. Applying the latest kernel updates from your distribution is the recommended immediate step.
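The validate-and-correct pattern described in the answers above, as an added user-space C example (not the kernel's code and not taken from this page). The struct, the function names, the 512-byte node size and the zero-fill of the destination are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* User-space model of a B-tree node; struct and names are hypothetical. */
struct node {
    size_t node_size;            /* bytes allocated for data[] */
    unsigned char data[512];
};

/* An offset is usable only if it lies inside the node. */
static int offset_valid(const struct node *n, size_t off)
{
    return off < n->node_size;
}

/* Shrink len so that off + len never passes the end of the node.
 * Written as a subtraction so off + len cannot wrap around. */
static size_t clamp_len(const struct node *n, size_t off, size_t len)
{
    size_t room = n->node_size - off;   /* caller has checked off < node_size */
    return len > room ? room : len;
}

/* Returns the number of bytes copied. dst is zero-filled first so a
 * short or rejected read never leaves uninitialized bytes behind. */
size_t node_read(const struct node *n, void *dst, size_t off, size_t len)
{
    memset(dst, 0, len);
    if (!offset_valid(n, off))
        return 0;
    len = clamp_len(n, off, len);
    memcpy(dst, n->data + off, len);
    return len;
}

/* Constructed inputs: call with an in-bounds, overrunning or invalid
 * (off, len) pair; len must not exceed the 1024-byte output buffer. */
size_t demo(size_t off, size_t len)
{
    struct node n = { .node_size = 512 };
    unsigned char out[1024];
    memset(n.data, 0xAB, sizeof n.data);
    return node_read(&n, out, off, len);
}
```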